Issue Provisioning to eDirectory RRS feed

  • Question

  • Hey All,

          Ive seen to run into an error with provisioning accounts from FIM portal to eDirectory. I have configured an outbound sync rule that sets the following attributes uid,givenname,sn,mail,dn and exports them to eDirectory but when I go to Full import from FIM MA and Full sync i receive the following errors "sync-rule-inbound-flow-rules-invalid" and "sync-rule-flow-provisioning-failed" when i click on stack trace for the provisioning failed error I get this "Microsoft.MetadirectoryServices.ProvisioningBySyncRuleException: The DN must be set before calling CSEntry.CommitNewConnector."

    Please help...

    Wednesday, April 3, 2013 5:22 AM


All replies

  • Hello,

    To debug this error, you need to check if all attributes that you use to build the DN are present in the Metaverse.

    For example: if you use a custom expression like "CN="+accountName"+"OU=Users,DC=Contoso,DC=com", you need to provide a value for accountname in the MV.

    After that, you need to check if the flow for DN are an initial flow (check box in the Synchronization Rule)


    Wednesday, April 3, 2013 7:58 AM
  • Hi Sylvain,

         Thank you for your response. I have already configured a outbound rule with the initial flows however my issue seems to be that in the "Novell eDirectory" Management agent there is no attribute called DN for me to pass the custom expression to in the sync rules. Maybe somebody with some edirectory experience can assist me with this matter. I have done this for active directory before so I know my rules work however I'm going crazy with edirectory management agent. 

    Thursday, April 4, 2013 4:49 PM
  • Sometimes this error occurs because you have to set mandatory attributes

    Like AD, eDirectory have mandatory attributes: You need to set them with an initial flow.

    According to this link:

    eDirectory need CommonName and Surname to create an user.


    Friday, April 5, 2013 8:38 AM
  • What objectClasses are you giving to the new entry?

    Maybe this FIM error message  is a byproduct of some mandatory attributes missing. I notice no commonName in your list yet you have an uid. Ok you use the uid as the naming attribute in your DN but if you are making an entry of type Person you may need the commonName as well.. even if it is not the naming attribute.

    Friday, April 5, 2013 1:12 PM